2014 Industry Innovators: Security infrastructure

2014 Industry Innovators: Access Control

Security infrastructure is another one of those ever-changing categories. What looked like infrastructure a few years ago is, for the most part, long gone. In its place is the perimeterless network, the cloud and a plethora of mobile devices. Added to that, mobile devices can be company- or employee-provided. The era of bring-your-own-device (BYOD) was upon us before we knew it and organizations that would no more allow employees to bring their own computers to work than open the network to the outside world now have done both.

Computers around the globe – some company-owned, some employee-owned and some owned by people who are not under control of the organization's policies – now seek to access organizational resources and the organization, in the name of business drivers, not only permits access, it goes out of its way to make access easy. That's a big challenge for any security infrastructure but our Innovators this year have stepped up to the task.

There are a lot of ways to achieve a secure infrastructure – some better and some worse – and our three Innovators in this group have taken very creative approaches that raise the bar. Also, they are very different in which parts of the infrastructure they support. One focuses on mobile devices, one focuses on the integration of business enterprises and control system networks and one is in the governance, risk and compliance (GRC) space.

Last year the theme of this section was GRC, and while we must not ignore the real importance of that, we now have some new areas of concern. Not only do we have the GRC model and the BYOD challenge, we have been mixing control systems such as SCADA with our corporate enterprises for several years. This poses a significant risk to the critical infrastructure and, finally, we see a serious and innovative approach to protecting both environments.

All of that said, we are nowhere near what may emerge as a final definition of what a security infrastructure should look like. The landscape shifts way too fast to settle on any single solution to the problem. But, given the creative approaches we are beginning to see – especially in this group – we are betting that we'll continue to get closer.

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.